    Sunday, August 25, 2019

    how stressed are you with your networking job? Networking


    how stressed are you with your networking job?

    Posted: 25 Aug 2019 09:26 AM PDT

    SFP/SFP+

    Posted: 25 Aug 2019 07:45 AM PDT

    I'm replacing some equipment in my network rack. The router has SFP+ ports, and my switch has SFP. I'm fairly unversed on fiber connections and compatibilities. Will this pose a problem or will this work? I know it would run at 1 Gbps and not 10 Gbps. What modules and fiber will I need exactly?

    submitted by /u/bhjit

    ISP with odd "blackhole" issue.

    Posted: 25 Aug 2019 03:17 AM PDT

    Hi all,

    I'm a shiny new Network Engineer though have a decent amount of background in IT and Networking. Earlier this year I started work at an ISP and everything was running smoothly. I was handed an issue about a month ago where traffic seems to mysteriously vanish for (as far as I can tell) all of our IP ranges, as if our AS is being rejected somewhere.

    This only happens to certain destinations, though there is no pattern between the route, dest. AS, dest. IP, or Transit used.

    We managed to resolve this for one destination network by peering with them directly at LINX.

    What would you guys check here? So far I've attempted reaching out to the NOCs on the destination networks and seeing if they can contact their upstreams, but that's not yielded a lot of return and I'm unsure how else I can investigate this since it's outside of our network.

    Look forward to hearing from you all.

    Edit: Just thought I'd add - we're not on any blacklists per my exhaustive checks. I've probably checked a good 100 or so at least. Additionally we have had issues with IP Geolocation, where we're showing up as being in the Netherlands, but I don't see how this could prevent some customers from playing games, for example. We're in the UK.

    submitted by /u/ANetworkEngineer

    Cisco WLC - FlexConnect/CAPWAP through ASA (Firewall Rules required)

    Posted: 25 Aug 2019 08:00 AM PDT

    Howdy,

    I'm trying to set up a vWLC to sit behind a vASA using CAPWAP/FlexConnect APs and only allow required ports inbound to the WLC (https://i.imgur.com/55bIOn0.png).

    I'm referring to the document here:

    https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/113344-cuwn-ppm.html

    However, when I lab this up - I can see the ports inbound using random UDP ports (the random one associated to each AP I assume). The only way I can get it to work is to allow the following:

    UDP Ports 1024 - 65535

    Is this right? Is there any other tidy ASA rule(s) than just allowing the UDP ports above else I get the below:
    https://i.imgur.com/vL1C5v4.png

    Has anybody had any previous experience of this before?

    Thanks.

    submitted by /u/CallumzHD

    (ISP tech) How do you explain to customers when the issue is outside your network?

    Posted: 25 Aug 2019 02:53 AM PDT

    Jesus, that was a long rant...apologies.

    submitted by /u/need-a-thneed

    Recommend edge/switch/WAPs distributed small office

    Posted: 25 Aug 2019 01:47 PM PDT

    First post here.

    We're a small TV/Film post-production group. We've been getting by with SoHo and consumer hardware, but I think we need to invest in some more enterprise-level infrastructure now for reasons of security, performance, and ease of management. I've read about many different brands and others' posted opinions, and it all leaves my head spinning. I'm trying to find what is right for us.

    I realize there's a ton of "what do you recommend" posts already, but I feel like none of them quite fit our situation. I'll probably reveal how little I know with this post, but I've gone about as far as reading can take me without some human help.

    Background

    We work with intellectual property, so I've always been worried that our security isn't robust enough. Besides that, we're now adding some remote workers in other cities, and so we need to extend an always-on VPN to them with good performance and not compromise security in doing so. We also have team members traveling more, so want to have a good VPN solution they can take with them on the road.

    Additionally, our customers have urged us to give them on-demand access to client data so they can help themselves to it, which would likely take the form of a self-hosted solution like NextCloud on premises, or else mirroring data to something like Backblaze.

    We're self-supporting power users without an IT staff. I'm the savviest, with a background in IT as it was my first career (but from a long time ago - I've devolved into a glorified power user now). So it falls to me to design/build/deploy/maintain whatever our solution is. There's also a ton of reluctance to move away from this low overhead model, so costly integrators, support contracts, subscription fees, etc., are not likely to get a consensus nod. I know all the arguments about what our downtime is worth, etc., but I'm not the one to convince on that front. Our group is willing to make some up-front investment, but strongly dislikes the commitment of ongoing fees unless it's something very modest (a few hundred a year is OK, but they are not going to spend thousands).

    Current Setup

    Main Office

    • 5 power users doing editing / color grading / VFX
    • Up to a dozen freelancers who sometimes come on to do additional VFX / editing
    • NAS and workstations connect over 10GbE to a Netgear X7S16T-100NES switch
    • Other clients and low bandwidth devices connect to a 1GbE Netgear M4100-D12G switch
    • 1Gb ISP connection
    • Asus RT-AC5300 is our edge router and WAP, with both switches connecting to it.
    • We run the firewall in the Asus, as well as that built-in to Windows on each client.
    • FTP is used to send/receive files to collaborators and clients, or we ship on a hard drive if it's >500GB or so
    • OpenVPN is used for remote connection

    Remote Office (#1 and #2, both the same)

    • A couple of Windows workstations with Windows firewall turned on
    • DAS for a local cache of files
    • 1Gb ISP connection
    • Asus RT-AC5300 as gateway and WAP
    • OpenVPN (not always on, start it when needed)

    What do we need?

    I'm looking for a recommendation of the whole stack. The main edge device, the switches and WAPs, the remote Edge device / switch / WAP, whatever kit we might take with us while traveling and working remote (unless it's a software-only solution), etc. I'm OK throwing out what we've got, if that makes sense.

    My "dream" solution, as far as I can determine, would be something like this:

    • User-friendly GUI interface, easy for me to understand, that integrates all the management into a single pane of glass.
    • Straightforward initial setup. I should be able to get it up and running in a week or less, including whatever necessary study, or else it's too complex.
    • Low maintenance. I don't want to spend more than an hour or so a week maintaining this.
    • Smart enough to stay updated against threats, proactively alert me, etc., without me having to be a security expert or monitor it constantly.
    • NGFW that could throughput 1Gb symmetrical performance from main office with VPN, DPI, IPS, and QOS all turned on (assuming I need all these to be secure?)
    • Upgrade path to higher performance (i.e. 10Gb) on the NGFW if/when we upgrade our ISP service
    • Dual ISP support (aggregate performance, QoS, high-availability, etc.)
    • 3-5 WAPs in main office
    • VPNs to separate IOTs, home, guest, general, production, and management networks.

    Notions and Preconceptions

    I have ideas, not sure if they're misguided.

    • Gateway/Firewall: Thought of building a pfSense or OPNsense box around a Xeon D-1500 platform, or maybe trying Sophos on it. But then it seems like a lot of tinkering, and that only multiplies when I think of how to manage the requisite box at the remote locations as well. Also thought of Sophos or Fortinet box with their requisite subscriptions. SonicWall marketing makes their boxes sound like magic how you can mail it to a branch office and set it up so easily, but there's a lot of hate for them online too. I have no firsthand experience with any of them, so my head is spinning.
    • Cisco and some other enterprise gear seems too expensive, too much to master, and too CLI-oriented. I'm OK with command line, but if all else is equal I'd rather have a GUI for most functions and CLI for occasional advanced use.
    • WAPs: Thought of Ubiquiti UniFi, throwing their management as a VM on the server.
    • Switches: Had thought of just using our Netgear stuff unless it turns out we need more sophisticated switches, or that I'd get much easier management by putting it all in one brand.

    Am I asking for the moon, or is there a product stack that would elegantly accomplish all this without breaking the bank / incurring high subscription fees?

    submitted by /u/CanamAldrin

    I can connect to my work VPN via Cisco AnyConnect remotely; however, I can't access any of the intranet sites. Help?

    Posted: 25 Aug 2019 02:04 PM PDT

    Just as the title says. I've tried disabling my firewall and all antiviruses, flushing my DNS, releasing/renewing IPconfig, creating a new Windows user specifically for work, uninstalling/reinstalling Cisco...literally everything. The IT guys at my office can't figure it out either. I also cannot connect to my office's Remote Desktop.

    For what it's worth, I could work remotely without issue (and connect to both intranet sites and the Remote Desktop) for literal years; then, starting in early February, it just...stopped.

    I can still connect with my phone, my tablet, and a different computer, so it has to be something specific to my machine. Does anyone have any ideas?

    submitted by /u/ShiftyMcCoy

    Good resources to crash course and really learn networking? Specifically regarding ISP/cloud related networking (firewalls, bgp, vlans, more)?

    Posted: 24 Aug 2019 04:08 PM PDT

    Networking has not been a strong point of mine over the years. I've primarily been a desktop tech / Jr. Sysadmin in companies that had separate, dedicated network engineers or teams. I've got the fundamentals of stuff from server, like DHCP, general IP subnetting, DNS, etc. But I recently took a new job at a colo/cloud company that is tons of networking and I'm feeling a bit out of my depth.

    I'm going to be working with firewalls (Cisco and Fortinet), VLANs on said devices, network load balancing, BGP, VPNs, edge routing, router HA, and much more, and this stuff is all way outside my scope of knowledge.

    The company knows I don't have all this knowledge, and I was up front about that (my current strengths lie more in the Windows/Linux/VMware support and management end of things), but I'm doing a lot of training and will have to pick all this stuff up.

    What are some good resources (books, videos, courses, whatever) I should pick up to get a better grasp on this stuff from the colocation/cloud/ISP end of things, and broaden my perspective on networking and how the internet as a whole works?

    submitted by /u/tomkatt

    How does an ISP run cable drops to multiple buildings from one line.

    Posted: 24 Aug 2019 08:28 PM PDT

    I want as detailed as possible because I can't wrap my head around it. How do ISPs have multiple drops off one wire, I just can't wrap my head around it. Me and a buddy are curious about becoming an ISP and we still have a long way to go, but for the life of me, this is the one thing I don't understand... Like I'm genuinely curious how it actually works. We were going to start as a WISP to get more knowledge as we go, but this is the only thing that stumps me.

    submitted by /u/RampageDeluxxe
